﻿<?php
session_start();
ini_set('max_execution_TIME', 600);
include("dbconfig.php");


$examp = $_REQUEST["q"]; 
$ip=$_REQUEST["ip"];

$page = $_REQUEST['page']; 
$limit = $_REQUEST['rows']; 
$sidx = $_REQUEST['sidx']; 
$sord = $_REQUEST['sord'];
$userid=$_SESSION['userid']; 
$sign=$_SESSION['sign'];
if(!$sidx) $sidx =1;
$style=-1;
//搜索与初始化时候传出的参数

if(isset($_GET["style"]))
	{
	$style = $_GET['style'];
	}
else{
	$style= 0;
	}
if(isset($_GET["sip_mask"]))
	{
	$sip_mask = $_GET['sip_mask'];
	}
else{
	$sip_mask= '';
	}
if(isset($_GET["dip_mask"]))
	{
	$dip_mask = $_GET['dip_mask'];
	}
else{
	$dip_mask= '';
	}
if(isset($_GET["send_mask"]))
	{
	$send_mask = $_GET['send_mask'];
	}
else{
	$send_mask= '';
	}
if(isset($_GET["rev_mask"]))
	{
	$rev_mask = $_GET['rev_mask'];
	}
else{
	$rev_mask= '';
	}
if(isset($_GET["ip_mask"]))
	{
	$ip_mask = $_GET['ip_mask'];
	}
else{
	$ip_mask= '';
	}
if(isset($_GET["url_mask"]))
	{
	$url_mask = $_GET['url_mask'];
	}
else{
	$url_mask= '';
	}

if($_GET["deal_mask"] != 'null'){
if(isset($_GET["deal_mask"]))
    {
	$deal_mask = $_GET['deal_mask'];
	}
else{
	$deal_mask = '';
	}
if(isset($_GET["deal_mask"][0]))
    {
	$deal_mask0 = $_GET['deal_mask'][0];
	}
else{
	$deal_mask0= '';
	}
if(isset($_GET["deal_mask"][2]))
    {
	$deal_mask1 = $_GET['deal_mask'][2];
	}
else{
	$deal_mask1= '';
	}
if(isset($_GET["deal_mask"][4]))
    {
	$deal_mask2 = $_GET['deal_mask'][4];
	}
else{
	$deal_mask2= '';
	}
if(isset($_GET["deal_mask"][6]))
    {
	$deal_mask3 = $_GET['deal_mask'][6];
	}
else{
	$deal_mask3= '';
	}
}
if(isset($_GET["from_mask"]))
   {
	$from_mask = $_GET['from_mask'];
	}
else{
	$from_mask = '';
	}
if(isset($_GET["to_mask"]))
   {
	$to_mask = $_GET['to_mask'];
	}
else{
	$to_mask = '';
	} 

if(isset($_GET["pro_mask"]))
   {
	$pro_mask = $_GET['pro_mask'];
	}
else{
	$pro_mask = '';
	}
if(isset($_GET["nm_mask"]))
   {
	$nm_mask = $_GET['nm_mask'];
	
	}
else{
	$nm_mask = '';
	}  
	
//点击ip列表后传回的参数	


if($style==0){
$db = mysql_pconnect($dbhost, $dbuser, $dbpassword)
or die("Connection Error: " . mysql_error());
mysql_select_db($database) or die("Error conecting to db.");
mysql_query("SET names UTF8");
$where = " WHERE 1=1 ";
if($from_mask!='')
	$where.= " AND a.date >='$from_mask%'";
if($to_mask!='')
	$where.= " AND a.date <='$to_mask%'";
$where.=" AND "."("."1=1";
if($deal_mask0!='')
	$where.= " AND a.deal = '$deal_mask0'";
if($deal_mask1!='')
	$where.= " OR a.deal = '$deal_mask1'";
if($deal_mask2!='')
	$where.= " OR a.deal = '$deal_mask2'";
if($deal_mask3!='')
	$where.= " OR a.deal = '$deal_mask3'";
$where.=")";
if($sip_mask!='')
    $where.= " AND a.sip like '%$sip_mask%'";
if($dip_mask!='')
    $where.= " AND a.dip like '%$dip_mask%'";
if($send_mask!='')
    $where.= " AND a.sender like '%$send_mask%'";
if($rev_mask!='')
    $where.= " AND a.receiver like '%$rev_mask%'";
if($pro_mask!='')
    $where.= " AND a.protocol like '%$pro_mask%'";
if($url_mask!='')
    $where.= " AND a.url like '%$url_mask%'";
if($nm_mask!='')
    $where.= " AND b.name like '%$nm_mask%' ";
$where.=" AND a.trojanid = b.id ";
#if($nm_mask!=''){
#    $sql="select id from black_trojan where name like '$nm_mask'";
#    $result = mysql_query($SQL);
#    if (!$result) echo "SQL错误：".mysql_error();
#    $count = mysql_num_rows($result);
#    if ($count!=0){
#     $row = mysql_fetch_array($result,MYSQL_ASSOC);
#     $nm_mask=$row[id];
#     $where.= " AND trojanid = '$nm_mask'";
#    } 
#    
#    }
    




$SQL ="select a.id,a.date,a.time,b.name,a.sip,a.dip,a.sport,a.dport,a.url,a.protocol,a.deal,a.sender,a.receiver,a.alarm,a.emailid ". "from  res_trojan a, black_trojan b ".$where;

$result = mysql_query($SQL);
if (!$result) echo "SQL错误：".mysql_error();
$count = mysql_num_rows($result);

if( $count >0 ) {
	$total_pages = ceil($count/$limit);
} else {
	$total_pages = 0;
}
if ($page > $total_pages) $page=$total_pages;
if ($limit<0) $limit = 0;
$start = $limit*$page - $limit; // do not put $limit*($page - 1)
if ($start<0) $start = 0;
$SQL ="select a.id,a.date,a.time,b.name,a.sip,a.dip,a.sport,a.dport,a.url,a.protocol,a.deal,a.sender,a.receiver,a.alarm,a.emailid ".  "from  res_trojan a,black_trojan b ".$where." ORDER BY $sidx $sord LIMIT $start , $limit";
//echo $SQL;
$result = mysql_query( $SQL ) or die("Couldnt execute query.".mysql_error());
$responce->page = $page;
$responce->total = $total_pages;
$responce->records = $count;
$i=0;

while($row = mysql_fetch_array($result,MYSQL_ASSOC)) {
	$responce->rows[$i]['ID']=$row[id];

    	 	switch($row[deal]){
   case 0: $row[deal]="阻断";break;
   case 1: $row[deal]="隔离";break;
   case 2: $row[deal]="重定向";break;
   case 3: $row[deal]="欺骗";break;
    }
    
    switch($row[alarm]){
   case "00": $row[alarm]="没告警";break;
   case "01": $row[alarm]="邮件";break;
   case "10": $row[alarm]="短信";break;
   case "11": $row[alarm]="邮件+短信";break;
    }
#    $sql="select name from black_trojan where id like '$row[trojanid]'";
#    $result = mysql_query($SQL);
#    if (!$result) echo "SQL错误：".mysql_error();
#    $row1 = mysql_fetch_array($result,MYSQL_ASSOC);
#    $nm=$row1[id];
    $responce->rows[$i]['cell']=array($row[id],$row[date],$row[time],$row[name],$row[sip],$row[dip],$row[sender],$row[receiver],$row[url],$row[protocol],$row[deal],$row[alarm],$row[sport],$row[dport],"null",$row[emailid]);
    $i++;
} 

echo json_encode($responce);
mysql_close($db);
}

else if($style==1)
{
$where = " WHERE 1=1  ";
if($from_mask!='')
	$where.= " AND a.date >='$from_mask%'";
if($to_mask!='')
	$where.= " AND a.date <='$to_mask%'";
if($nm_mask!='')
    $where.= " AND b.name like '%$nm_mask%' ";
$where.=" AND a.trojanid = b.id AND a.ipid = c.id ";
$db = mysql_pconnect($dbhost, $dbuser, $dbpassword)
or die("Connection Error: " . mysql_error());
mysql_select_db($database) or die("Error conecting to db.");
mysql_query("SET names UTF8");
$SQL ="select * from res_trojan a,black_trojan b,black_ip c ".$where."group by a.ipid,a.date,a.deal";

$result = mysql_query($SQL);
if (!$result) echo "SQL错误：".mysql_error();
$count = mysql_num_rows($result);

if( $count >0 ) {
	$total_pages = ceil($count/$limit);
} else {
	$total_pages = 0;
}
if ($page > $total_pages) $page=$total_pages;
if ($limit<0) $limit = 0;
$start = $limit*$page - $limit; // do not put $limit*($page - 1)
if ($start<0) $start = 0;
$SQL ="select a.id,a.time,a.date,b.name,a.sip,a.dip,c.ip,a.url,a.sport,a.dport,a.sender,a.receiver,a.deal,count(*) as num from res_trojan a,black_trojan b ,black_ip c ".$where."group by a.ipid,a.date, a.deal ORDER BY $sidx $sord LIMIT $start , $limit";
$result = mysql_query( $SQL ) or die("Couldnt execute query.".mysql_error());
$responce->page = $page;
$responce->total = $total_pages;
$responce->records = $count;
$i=0;

while($row = mysql_fetch_array($result,MYSQL_ASSOC)) {
	$responce->rows[$i]['ID']=$row[id];

   switch($row[deal]){
   case 0: $row[deal]="阻断";break;
   case 1: $row[deal]="隔离";break;
   case 2: $row[deal]="重定向";break;
   case 3: $row[deal]="欺骗";break;
    }
        switch($row[alarm]){
   case "00": $row[alarm]="没告警";break;
   case "01": $row[alarm]="邮件";break;
   case "10": $row[alarm]="短信";break;
   case "11": $row[alarm]="邮件+短信";break;
    }
#    $sql="select name from black_trojan where id like '$row[trojanid]'";
#    $result = mysql_query($SQL);
#    if (!$result) echo "SQL错误：".mysql_error();
#    $row1 = mysql_fetch_array($result,MYSQL_ASSOC);
#    $nm=$row1[id];
    $responce->rows[$i]['cell']=array($row[id],$row[name],$row[sport],$row[dport],$row[ip],$row[url],$row[date],$row[num],$row[type]);
    $i++;
} 

echo json_encode($responce);
mysql_close($db);
} 
else if($style==2)
{
     
$where = " WHERE 1=1  ";
if($from_mask!='')
	$where.= " AND a.date like '$from_mask'";
if($nm_mask!='')
	$where.= " AND b.name like '%$nm_mask%'";
#if($deal_mask!='')
#	$where.= " AND a.deal ='$deal_mask'";
$where.="AND a.trojanid = b.id";


$link = mysql_connect($dbhost,$dbuser,$dbpassword) or die('Unable to establish a DB connection');
mysql_select_db($database,$link);
mysql_query("SET names UTF8");
date_default_timezone_set($timezone); //北京时间
$ret=array();
$SQL="select a.id,count(*) as num,a.dip,a.sip,a.time,a.date from res_trojan a,black_trojan b ".$where." group by a.time";


$result = mysql_query($SQL); 
if (!$result) echo "SQL错误：".mysql_error();

while($row = mysql_fetch_array($result,MYSQL_ASSOC)) {
   $t_date=$row[date];
   $t_time=$row[time];
   $datetime=$t_date." ".$t_time;
   $x=strtotime($datetime)*1000;
   $y1=intval($row[num]);
   $y2=$row[sip];
   $tmp=array($x,$y1);
   array_push($ret,$tmp);
}
    
//$ret=array(array(1318253100000,100),array(1318253100029,200),array(1318253100040,1));
//$ret=array(array(1337084640000,1),array(1337084640000,2),array(337085300000,1));
echo json_encode($ret);


}
else if($style==3)
{
$where = " WHERE 1=1  ";

if($nm_mask!='')
	$where.= " AND b.name like '%$nm_mask%'";
#if($deal_mask!='')
#	$where.= " AND a.deal ='$deal_mask'";
$where.="AND a.trojanid = b.id";

$link = mysql_connect($dbhost,$dbuser,$dbpassword) or die('Unable to establish a DB connection');
mysql_select_db($database,$link);
mysql_query("SET names UTF8");
date_default_timezone_set($timezone); //北京时间
$ret=array();
$SQL="select a.id,count(*) as num,a.dip,a.sip,a.date from res_trojan a,black_trojan b ".$where." group by a.date";


$result = mysql_query($SQL); 
if (!$result) echo "SQL错误：".mysql_error();

while($row = mysql_fetch_array($result,MYSQL_ASSOC)) {
   $t_date=$row[date];
  
  
   $x=strtotime($t_date)*1000;
   $y1=intval($row[num]);
   $y2=$row[sip];
   $tmp=array($x,$y1);
   array_push($ret,$tmp);
}
    
//$ret=array(array(1318253100000,100),array(1318253100029,200),array(1318253100040,1));
//$ret=array(array(1337084640000,1),array(1337084640000,2),array(337085300000,1));
echo json_encode($ret);

}
   

?>
